a31e8c02b958ce92a72331455bffb74b15f9b4ae77c3b7f2768f9165c6de43d1 | Triage

Sharing

General

Target

a31e8c02b958ce92a72331455bffb74b15f9b4ae77c3b7f2768f9165c6de43d1
Size

559KB
Sample

221031-1923fsdfe7
MD5

65d6c97b9438fa3d2b37b4b747dc97c0
SHA1

268d9c96c47ce8c774638365df9b9cc9b87cfb9f
SHA256

a31e8c02b958ce92a72331455bffb74b15f9b4ae77c3b7f2768f9165c6de43d1
SHA512

8de2ce53f520da5971cf1bcd84fd651539db9a57a9cd2ed2e2a1f8b93cce56b21eeb62ddb906d899f824e941f305aade25be3d25111d2029e62c9e710006a4b6
SSDEEP

12288:ux/opsYy0bfXAubvdg13au7l/egLf+c62IjVLU62IjVL/:aAD7b7S13au9RL2cIOI1

Score

6^/10

Malware Config

Targets

- Target
  
  歌曲搜索程序1/AxInterop.WMPLib.dll
- Size
  
  52KB
- MD5
  
  f83cef81d53e4397fbd1f6d92e15947e
- SHA1
  
  0c07dc3db5beaf80960fae75c4f89635dd12bc43
- SHA256
  
  5ba1e4751a04bda95ef371822b0de90e2169e5a9307c024c979b6be22dd498f2
- SHA512
  
  498b05a143ca5b45c22a46a79eff93ed731aa8207ac58953bd72e74b910f762cb097d8489488110e59f3388e4773c463e0eee55c0bff64f287a20a6eafa968c0
- SSDEEP
  
  768:2TiglqcPGmH+BSITBFo+iRdbBFS1WSbfi5qlD+P2mHvaVhXUWdYsXnd:tgvH+oETfiRnFS1WSbfi5qlsaV2WGkd
Score

1^/10
behavioral1 behavioral2
- Target
  
  歌曲搜索程序1/Interop.WMPLib.dll
- Size
  
  323KB
- MD5
  
  c8a4c5ceffc1cb5299af1a03de0bc132
- SHA1
  
  679e42f88732b3159cdc4bf72f410475b93e666c
- SHA256
  
  8d627bfc6fd6c75c4793e2cab78cae7ca2c9496d6fd10db127876a563b00ae08
- SHA512
  
  4b2ecfbe88189f61c8625a2613bf464073a2308e1c8e35128949125c2aff556dc8df60204e091010d66a73efeb6ad4fed20ff6187134b36a65bbbb177fd92585
- SSDEEP
  
  6144:bpkr2dY/aBcjJOBHOBIQBajMtWvoJiLE1+XgRKz89G/4ZSb0Funwh6DsN2PIpCrb:bpkr2dY/aBcjJOBHOBIQBajMtWvoJiLj
Score

1^/10
behavioral3 behavioral4
- Target
  
  歌曲搜索程序1/Newtonsoft.Json.dll
- Size
  
  492KB
- MD5
  
  5e02ddaf3b02e43e532fc6a52b04d14b
- SHA1
  
  67f0bd5cfa3824860626b6b3fff37dc89e305cec
- SHA256
  
  78bedd9fce877a71a8d8ff9a813662d8248361e46705c4ef7afc61d440ff2eeb
- SHA512
  
  38720cacbb169dfc448deef86af973eafefa19eaeb48c55c58091c9d6a8b12a1f90148c287faaaa01326ec47143969ad1b54ee2b81018e1de0b83350dc418d1c
- SSDEEP
  
  12288:axrplPT3qwNBC3wl1zVh0Yg0pJy/qleTpfZLQ0so/VHjh:a1plPGwNBC3UOwVeLQ0so/VH
Score

1^/10
behavioral5 behavioral6
- Target
  
  歌曲搜索程序1/歌曲搜索.exe
- Size
  
  41KB
- MD5
  
  ad31e8465c637cb7ed8b09704fd4aa18
- SHA1
  
  0c7fbb4d09cba433556069cf0b2c749a77e14775
- SHA256
  
  56c7ed865ddeaa37ce5efef504def72cd752451133c7aff9fa89d924cce4b087
- SHA512
  
  553256ce5120cbef3725bf30518af75903f3a215d046c330be25f1efc723a29f67f300b9c99bbf80bc88e9e6ca1966adc176d2fabf690b8d063f1603121cc3f7
- SSDEEP
  
  768:KkVP/j5PCroBK5lkj5z8Gr2S/K9KpIJpyDh/k4pgZWm+:ptPCrog7kdzViS/K9KpICDtk8g
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8